phdrea Privacy Policy

1.1 The data controller responsible for your personal information collected through the phdrea Platform is the operator of phdrea.bio, a PAGCOR-licensed online gaming operator registered and operating in the Republic of the Philippines.

1.2 phdrea has designated a Data Protection Officer (DPO) in compliance with Section 21 of the Philippine Data Privacy Act of 2012. The DPO oversees phdrea's compliance with RA 10173 and the National Privacy Commission's (NPC) implementing rules and regulations.

1.3 For any privacy-related inquiries, data subject requests, or concerns regarding this Privacy Policy, you may contact phdrea's DPO at [email protected].

2.1 Registration Data. When you create a phdrea Account, we collect: your full legal name, date of birth, Philippine mobile number, email address, and a username and password of your choosing.

2.2 Identity Verification Data (KYC). To comply with PAGCOR KYC requirements and the Anti-Money Laundering Act (AMLA), phdrea collects copies of government-issued identification documents, which may include: PhilSys National ID, Philippine passport, LTO driver's license, or other PAGCOR-approved identification. We may also collect a selfie or live photo for identity matching purposes.

2.3 Financial Data. We collect information necessary to process your deposits and withdrawals, including GCash account references, bank account details (for BPI, BDO, Metrobank transfers), and transaction records. phdrea does not store full payment card numbers.

2.4 Gaming Activity Data. We maintain records of your gameplay activity on the phdrea Platform, including game sessions, bets placed, results, bonus activity, and account balance changes. This data is required for regulatory compliance and dispute resolution.

2.5 Technical & Device Data. When you access phdrea, we automatically collect certain technical data, including: IP address, device type and operating system, browser type and version, session timestamps, and cookies. See Section 9 for details on cookies.

2.6 Communications Data. If you contact phdrea support, we retain records of those communications, including live chat transcripts and any information you voluntarily provide during support interactions.

phdrea collects personal data through the following means:

• Direct collection: Information you provide when registering, completing KYC verification, making deposits or withdrawals, or contacting customer support;
• Automated collection: Technical and device data collected automatically when you access the phdrea Platform through cookies, log files, and similar tracking technologies;
• Third-party sources: Identity verification data may be cross-referenced with third-party identity verification services and, where required, government databases in the Philippines, in compliance with applicable law;
• Payment providers: Transaction data shared with phdrea by payment processors such as GCash, Maya, and Philippine banking partners for the purpose of processing and recording your financial transactions.

phdrea processes your personal data for the following specific, legitimate purposes:

• Creating and managing your phdrea Account and providing access to all Platform services;
• Verifying your identity and age (21+) as required by PAGCOR and the Anti-Money Laundering Act;
• Processing deposits, withdrawals, and other financial transactions in Philippine Peso;
• Detecting and preventing fraud, money laundering, account takeover, and other prohibited activities;
• Administering bonuses, promotions, and loyalty programs in accordance with their terms;
• Providing customer support and resolving disputes;
• Complying with phdrea's obligations under PAGCOR licensing conditions, AMLA, RA 10173, and other applicable Philippine law;
• Sending service-related communications, including important account notifications and security alerts;
• Improving the Platform through analysis of aggregated, anonymized usage data;
• Sending promotional communications, where you have provided consent or where permitted by applicable law and you have not opted out.

phdrea processes your personal data on the following legal bases under the Philippine Data Privacy Act of 2012:

• Contractual necessity: Processing required to perform the contract between you and phdrea — specifically, to provide you with access to the Platform and its services;
• Legal obligation: Processing required to comply with PAGCOR regulations, the Anti-Money Laundering Act, the Data Privacy Act, and other applicable Philippine law;
• Legitimate interests: Processing for fraud prevention, security monitoring, and Platform improvement, where these interests do not override your data privacy rights;
• Consent: Processing for marketing communications and non-essential cookies, where your explicit consent has been obtained.

6.1 phdrea does not sell your personal data to third parties under any circumstances.

6.2 phdrea may share your personal data with the following categories of recipients, solely for the purposes described in Section 4:

• PAGCOR: As the regulator of phdrea's operations, PAGCOR may require access to player data as part of its regulatory oversight, audit, or investigation functions;
• Anti-Money Laundering Council (AMLC): Where phdrea is required by law to report suspicious transactions or provide records under the Philippine Anti-Money Laundering Act;
• Payment processors: GCash (Mynt), Maya (PayMaya Philippines), and Philippine banking partners, solely for the purpose of processing your financial transactions;
• Identity verification providers: Third-party KYC and identity verification service providers engaged by phdrea to verify player identity in compliance with PAGCOR requirements;
• Game providers: Game software providers may receive pseudonymized session data necessary to deliver game content and ensure fair play;
• Law enforcement and courts: Where phdrea is legally required to disclose personal data pursuant to a valid court order, subpoena, or government request under Philippine law.

6.3 All third parties with whom phdrea shares personal data are required to process that data only for the specified purpose and in compliance with applicable data protection law.

7.1 Some of phdrea's service providers, including game software providers and certain technical infrastructure partners, may be located outside the Republic of the Philippines. Where personal data is transferred internationally, phdrea ensures that such transfers are subject to appropriate safeguards consistent with the requirements of the Philippine Data Privacy Act.

7.2 Where cross-border data transfers occur, phdrea implements contractual data protection measures with the receiving parties to ensure your personal data receives a standard of protection equivalent to that afforded under Philippine law.

8.1 phdrea retains your personal data for as long as your Account is active, and for a period thereafter as required by applicable law and regulation.

8.2 Under PAGCOR's record-keeping requirements and the Philippine Anti-Money Laundering Act, transaction records and KYC documents must be retained for a minimum of five (5) years from the date of the last transaction or from Account closure, whichever is later.

8.3 Following the applicable retention period, personal data will be securely deleted or anonymized in accordance with phdrea's data retention and disposal policy.

9.1 phdrea uses cookies and similar tracking technologies on the Platform for the following purposes:

• Essential cookies: Necessary for the Platform to function — including maintaining your login session and security tokens. These cannot be disabled.
• Functional cookies: Remember your preferences (e.g., language settings) to improve your experience on phdrea.
• Analytics cookies: Collect aggregated, anonymized data about how users interact with the Platform, used to identify improvements. No personally identifiable data is transmitted to analytics providers.

9.2 Non-essential cookies are used only with your consent, which you may withdraw at any time through your browser settings. Note that disabling cookies may affect certain Platform functionality.

Under the Philippine Data Privacy Act of 2012, phdrea users have the following rights with respect to their personal data:

The phdrea Platform is strictly restricted to individuals aged 21 years and above, in compliance with PAGCOR regulations. phdrea does not knowingly collect personal data from individuals under the age of 21. If phdrea discovers that a person under 21 has provided personal data or registered an Account, that Account will be immediately closed, the data will be deleted, and any deposits will be returned in accordance with applicable regulations.

If you have reason to believe that a minor has registered on the phdrea Platform, please notify us immediately at [email protected].

phdrea implements appropriate technical and organizational security measures to protect your personal data against unauthorized access, accidental loss, destruction, or disclosure. These measures include:

• SSL/TLS encryption for all data transmitted between your device and the phdrea Platform;
• Encryption of sensitive personal data and financial information at rest;
• Role-based access controls limiting employee access to personal data on a need-to-know basis;
• Regular security assessments and penetration testing of Platform infrastructure;
• Multi-factor authentication for administrative access to systems containing personal data;
• Incident response procedures aligned with NPC breach notification requirements.

While phdrea takes security seriously, no online system can guarantee absolute security. You are responsible for maintaining the security of your own login credentials and for notifying phdrea immediately if you suspect unauthorized access to your Account.

phdrea reserves the right to update this Privacy Policy at any time to reflect changes in our data processing practices, regulatory requirements, or Platform operations. Material changes will be communicated to registered users via the Platform interface or the contact information on file with your Account, at least seven (7) days before the changes take effect. The "Effective Date" at the top of this Privacy Policy will be updated to reflect the date of the most recent revision. Your continued use of the phdrea Platform after the effective date of any amendment constitutes your acknowledgment of the revised Privacy Policy.

For any questions, concerns, or requests relating to this Privacy Policy or phdrea's processing of your personal data, please contact:

Data Protection Officer, phdrea
Email: [email protected]
(Plain text — not a clickable link. This email address is for privacy matters only.)

You also have the right to file a complaint directly with the National Privacy Commission of the Philippines if you believe your data privacy rights have been violated. Information about the NPC complaints process is available through official Philippine government channels.

phdrea is a PAGCOR-licensed online gaming operator. This Privacy Policy is governed by and construed in accordance with the Philippine Data Privacy Act of 2012 (RA 10173) and all implementing rules issued by the National Privacy Commission.